Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/49BD6AD8024011EF9F582659C4F9AE02.roa
File: 49BD6AD8024011EF9F582659C4F9AE02.roa (raw, json)
Hash identifier: E8iNltXFtnWbLZ91xRbsiYowsuvcNHGoCEc1OWX0BFE=
Subject key identifier: 93:32:25:C7:BA:09:D3:59:89:A8:D2:3F:50:0C:CF:07:46:EF:7D:D3
Certificate issuer: /CN=A911CFCE/serialNumber=866E78D1A45E8FD126808AFF7CEA4FC08E7D92A8
Certificate serial: 02
Authority key identifier: 86:6E:78:D1:A4:5E:8F:D1:26:80:8A:FF:7C:EA:4F:C0:8E:7D:92:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hm540aRej9EmgIr_fOpPwI59kqg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/49BD6AD8024011EF9F582659C4F9AE02.roa
Signing time: Wed 24 Apr 2024 13:41:01 +0000
ROA not before: Wed 24 Apr 2024 13:41:01 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152708
IP address blocks: 103.40.52.0/23 maxlen: 24
2001:df3:b7c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 27 May 2024 14:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CFCE/serialNumber=866E78D1A45E8FD126808AFF7CEA4FC08E7D92A8
Validity
Not Before: Apr 24 13:41:01 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66290bed-a1b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f5:d6:a1:38:b3:3f:a8:a8:6b:7c:88:74:fe:
d5:49:e4:fb:05:d2:92:0b:2e:76:22:2d:0c:b1:9e:
de:e4:8a:fc:0f:fb:31:fe:fb:89:e9:06:5f:14:de:
33:99:05:1f:25:55:ba:53:0b:66:ef:db:0d:31:be:
ea:d9:ea:2d:c1:be:f3:8a:1d:f2:92:d0:20:f2:8f:
33:4b:bb:3a:d6:bd:94:b6:5b:d0:5f:fb:34:47:7a:
af:8d:26:73:13:f6:01:ee:85:c7:a9:a2:16:d0:94:
c3:ff:cb:6e:7e:3f:60:d5:da:8a:1c:84:44:0a:cc:
c9:26:fa:3b:a8:98:0c:79:50:87:e0:6c:06:45:28:
c7:47:15:83:7a:c8:c3:bf:47:da:e6:c5:af:53:2b:
87:36:2e:3e:02:2e:bd:49:9f:57:45:22:e3:05:73:
8c:92:3f:b8:0b:12:38:df:41:32:ed:bc:ec:fc:1f:
2a:62:dd:b9:58:69:ca:ff:8e:e5:c2:f2:e8:c1:a0:
82:62:f1:4e:b7:0e:a7:fb:9c:92:ad:8c:11:80:2a:
5e:48:97:20:ff:38:e0:29:f9:99:8e:74:5e:44:ab:
6d:f2:cb:92:43:7f:b3:6d:81:83:05:68:ef:91:fa:
16:0f:15:0d:30:f8:4a:94:02:5c:1d:9a:e4:7f:cf:
97:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:32:25:C7:BA:09:D3:59:89:A8:D2:3F:50:0C:CF:07:46:EF:7D:D3
X509v3 Authority Key Identifier:
keyid:86:6E:78:D1:A4:5E:8F:D1:26:80:8A:FF:7C:EA:4F:C0:8E:7D:92:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/hm540aRej9EmgIr_fOpPwI59kqg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hm540aRej9EmgIr_fOpPwI59kqg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/49BD6AD8024011EF9F582659C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.52.0/23
IPv6:
2001:df3:b7c0::/48
Signature Algorithm: sha256WithRSAEncryption
bb:8d:79:b9:d2:73:2c:4a:66:17:ef:15:bb:27:a0:11:65:9f:
06:bc:fa:09:fe:a7:72:8b:24:00:06:e1:06:c3:ea:75:cd:60:
9d:86:7f:e9:aa:c1:1c:8b:9a:ad:f6:70:64:b7:61:4c:b7:91:
1f:a2:b4:40:8c:ee:4b:80:12:15:b3:d0:77:ae:61:27:c3:f5:
3e:c7:3f:89:05:b3:73:4b:5f:2c:ab:bf:70:aa:0f:ba:8c:6a:
5b:43:8c:d7:20:e6:9c:91:df:9a:1a:9c:af:ea:82:7a:2f:8f:
08:62:74:94:25:85:00:a8:39:e1:7e:93:00:73:8a:ac:58:69:
57:55:24:e8:92:56:78:6e:3a:0d:64:86:f4:91:f4:71:3a:eb:
dc:be:56:e9:c3:84:5a:31:d0:57:3c:3c:45:a7:c3:6d:bf:81:
17:31:a1:9b:ca:23:8c:55:56:21:f3:d5:15:f4:c0:79:29:b9:
23:63:67:83:03:32:db:ce:c6:3f:86:bd:de:69:61:55:f4:64:
6b:16:69:46:ba:10:61:58:2e:1e:f2:8c:f0:44:5d:bb:c2:72:
d4:e1:0c:6b:20:b7:57:50:3b:70:ef:bb:6a:1e:54:dd:90:59:
e9:21:ba:94:dd:ca:19:72:d3:f0:c6:51:52:53:7e:40:dc:52:
d2:0d:56:e8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
Q0ZDRTExMC8GA1UEBRMoODY2RTc4RDFBNDVFOEZEMTI2ODA4QUZGN0NFQTRGQzA4
RTdEOTJBODAeFw0yNDA0MjQxMzQxMDFaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MjkwYmVkLWExYjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDA9dahOLM/qKhrfIh0/tVJ5PsF0pILLnYiLQyxnt7kivwP+zH++4npBl8U3jOZ
BR8lVbpTC2bv2w0xvurZ6i3BvvOKHfKS0CDyjzNLuzrWvZS2W9Bf+zRHeq+NJnMT
9gHuhcepohbQlMP/y25+P2DV2oochEQKzMkm+juomAx5UIfgbAZFKMdHFYN6yMO/
R9rmxa9TK4c2Lj4CLr1Jn1dFIuMFc4ySP7gLEjjfQTLtvOz8Hypi3blYacr/juXC
8ujBoIJi8U63Dqf7nJKtjBGAKl5IlyD/OOAp+ZmOdF5Eq23yy5JDf7NtgYMFaO+R
+hYPFQ0w+EqUAlwdmuR/z5dNAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUkzIlx7oJ
01mJqNI/UAzPB0bvfdMwHwYDVR0jBBgwFoAUhm540aRej9EmgIr/fOpPwI59kqgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDRkNFL0UwQkUzNkFDMDIz
RjExRUY4RTVDMUU1OEM0RjlBRTAyL2htNTQwYVJlajlFbWdJcl9mT3BQd0k1OWtx
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaG01NDBhUmVqOUVtZ0lyX2ZPcFB3STU5a3FnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
Q0ZDRS9FMEJFMzZBQzAyM0YxMUVGOEU1QzFFNThDNEY5QUUwMi80OUJENkFEODAy
NDAxMUVGOUY1ODI2NTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWcoNDAPBAIAAjAJAwcAIAEN87fAMA0GCSqGSIb3DQEBCwUA
A4IBAQC7jXm50nMsSmYX7xW7J6ARZZ8GvPoJ/qdyiyQABuEGw+p1zWCdhn/pqsEc
i5qt9nBkt2FMt5EforRAjO5LgBIVs9B3rmEnw/U+xz+JBbNzS18sq79wqg+6jGpb
Q4zXIOackd+aGpyv6oJ6L48IYnSUJYUAqDnhfpMAc4qsWGlXVSToklZ4bjoNZIb0
kfRxOuvcvlbpw4RaMdBXPDxFp8Ntv4EXMaGbyiOMVVYh89UV9MB5KbkjY2eDAzLb
zsY/hr3eaWFV9GRrFmlGuhBhWC4e8ozwRF27wnLU4QxrILdXUDtw77tqHlTdkFnp
IbqU3coZctPwxlFSU35A3FLSDVbo
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org